<?
/*
Bitsand - a web-based booking system for LRP events
Copyright (C) 2006, 2007 Russell Peter Phillips

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; either version 2
of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
*/

include ('inc_head_db.php');

if (strtolower ($_POST ['btnSubmit']) == 'edit') {
	//Make up URL
	$sHost = $_SERVER['HTTP_HOST'];
	$sURI = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
	$sFile = 'ooc_form.php';
	header ("Location: http://$sHost$sURI/$sFile");
}
elseif (strtolower ($_POST ['btnSubmit']) == 'confirm') {
	$sDate = date ('Y-m-d');
	//Character details - check if character exists
	$sql = "SELECT * FROM bookings WHERE bkPlayerID = $PLAYER_ID";
	$result = mysqli_query ($link, $sql);
	//If player has not booked insert a new row
	if (mysqli_num_rows ($result) == 0) {
		$sql = "INSERT INTO bookings (bkPlayerID, bkDateOOCConfirmed) VALUES ($PLAYER_ID, '$sDate')";
		if (! mysqli_query ($link, $sql)) {
			$sWarn = "There was a problem confirming your OOC details";
			LogError ("Error inserting new OOC booking.\nPlayer ID: $PLAYER_ID");
		}
	}
	else {
		//Update existing row
		$sql = "UPDATE bookings SET bkDateOOCConfirmed = '$sDate' WHERE bkPlayerID = $PLAYER_ID";
		if (! mysqli_query ($link, $sql)) {
			$sWarn = "There was a problem confirming your OOC details";
			LogError ("Error inserting new OOC booking.\nPlayer ID: $PLAYER_ID");
		}
	}
	//Make up URL
	$sHost = $_SERVER['HTTP_HOST'];
	$sURI = rtrim(dirname($_SERVER['PHP_SELF']), '/\\');
	$sFile = 'start.php?green=' . urlencode ('Your OOC details have been confirmed');
	header ("Location: http://$sHost$sURI/$sFile");
}

//Get bookings details. Determine if player is booked
$sql = "SELECT * FROM bookings WHERE bkPlayerID = $PLAYER_ID";
$result = mysqli_query ($link, $sql);
$row = mysqli_fetch_assoc ($result);
$sOOC = $row ['bkDateOOCConfirmed'];
if ($sOOC == '' || $sOOC == '0000-00-00')
	$bConfirmed = False;
else
	$bConfirmed = True;

include ('inc_head_html.php');
include ('inc_forms.php');

//Get OOC details
$key = CRYPT_KEY;
$sql = "SELECT AES_DECRYPT(plFirstName, '$key') AS dFirstName, " .
	"AES_DECRYPT(plSurname, '$key') AS dSurname, " .
	"AES_DECRYPT(plAddress1, '$key') AS dAddress1, " .
	"AES_DECRYPT(plAddress2, '$key') AS dAddress2, " .
	"AES_DECRYPT(plAddress3, '$key') AS dAddress3, " .
	"AES_DECRYPT(plAddress4, '$key') AS dAddress4, " .
	"AES_DECRYPT(plPostcode, '$key') AS dPostcode, " .
	"AES_DECRYPT(plTelephone, '$key') AS dTelephone, " .
	"AES_DECRYPT(plMobile, '$key') AS dMobile, " .
	"AES_DECRYPT(plEmail, '$key') AS dEmail, " .
	"AES_DECRYPT(plDOB, '$key') AS dDOB, " .
	"AES_DECRYPT(plMedicalInfo, '$key') AS dMedicalInfo, " .
	"AES_DECRYPT(plEmergencyName, '$key') AS dEmergencyName, " .
	"AES_DECRYPT(plEmergencyNumber, '$key') AS dEmergencyNumber, " .
	"AES_DECRYPT(plEmergencyRelationship, '$key') AS dEmergencyRelationship, " .
	"AES_DECRYPT(plCarRegistration, '$key') AS dCarRegistration, " .
	"AES_DECRYPT(plDietary, '$key') AS dDietary, " .
	"AES_DECRYPT(plBookAs, '$key') AS dBookAs" .
	" FROM players WHERE plPlayerID = $PLAYER_ID";
$result = mysqli_query ($link, $sql);
$row = mysqli_fetch_assoc ($result);
?>

<h1><?=TITLE?> - OOC Details</h1>

<p>
<?
if ($bConfirmed)
	echo "Your IC information has been confirmed. You will not be able to change it until after the upcoming event.";
else
	echo "Please check all of the informatin carefully. If anything needs amended, please click the <b>Edit</b> button. If you are happy that everything is correct, please click the <b>Confirm</b> button. Once you have confirmed that the information is correct, it will be frozen until after the upcoming event.";
?>
</p>

<table><tr>
<td>First name:</td>
<td><?=htmlentities (stripslashes ($row ['dFirstName']))?></td>
</tr><tr>
<td>Surname:</td>
<td><?=htmlentities (stripslashes ($row ['dSurname']))?></td>
</tr><tr><td colspan = "2">&nbsp;</td></tr><tr>
<td>Address:</td>
<td><?=htmlentities (stripslashes ($row ['dAddress1']))?><br>
<?=htmlentities (stripslashes ($row ['dAddress2']))?><br>
<?=htmlentities (stripslashes ($row ['dAddress3']))?><br>
<?=htmlentities (stripslashes ($row ['dAddress4']))?></td>
</tr><tr><td colspan = "2">&nbsp;</td></tr><tr>
<td>Postcode:</td>
<td><?=htmlentities (stripslashes ($row ['dPostcode']))?></td>
</tr><tr>
<td>Telephone number:</td>
<td><?=htmlentities (stripslashes ($row ['dTelephone']))?></td>
</tr><tr>
<td>Mobile number:</td>
<td><?=htmlentities (stripslashes ($row ['dMobile']))?></td>
</tr><tr>
<td>E-mail address:</td>
<td><?=htmlentities (stripslashes ($row ['dEmail']))?></td>
</tr><tr>
<td colspan = "2">&nbsp;</td>
</tr><tr>
<td>Date of birth:</td>
<td>
<?
$sDoB = $row ['dDOB'];
$iDobYear = substr ($sDoB, 0, 4);
$iMonth = substr ($sDoB, 4, 2);
$iDate = substr ($sDoB, 6, 2);
echo "$iDate-$iMonth-$iDobYear";
?>
</td>
</tr><tr>
<td colspan = "2">&nbsp;</td>
</tr><tr>
<td>Medical information:</td>
<td>
<?
$sMedInfo = $row ['dMedicalInfo'];
$sMedInfo = str_replace ("\n", "<br>", $sMedInfo);
echo $sMedInfo;
?>
</td>
</tr><tr>
<td colspan = "2">&nbsp;</td>
</tr><tr>
<td>Emergency contact name:</td>
<td><?=htmlentities (stripslashes ($row ['dEmergencyName']))?></td>
</tr><tr>
<td>Emergency contact number:</td>
<td><?=htmlentities (stripslashes ($row ['dEmergencyNumber']))?></td>
</tr><tr>
<td>Relationship to emergency contact:</td>
<td><?=htmlentities (stripslashes ($row ['dEmergencyRelationship']))?></td>
</tr><tr>
<td colspan = "2">&nbsp;</td>
</tr><tr>
<td>Car registration:</td>
<td><?=htmlentities (stripslashes ($row ['dCarRegistration']))?></td>
</tr><tr>
<td>Dietary requirements:</td>
<td class = "border: thin black"><?=htmlentities (stripslashes ($row ['dDietary'] ))?></td>
</tr><tr>
<td>Booking as:</td>
<td><?=htmlentities (stripslashes ($row ['dBookAs'] ))?></td>
</tr>
<tr><td colspan = '2'>&nbsp;</td></tr>
<form action = "ooc_view.php" method = "post">
<?
if ($bConfirmed == False) {
	echo "<tr><td colspan = '2'><span class = 'warn'>Confirming will freeze details until after the upcoming event</span></td></tr>\n";
	echo "<tr><td colspan = '2'>&nbsp;</td></tr>\n";
	echo "<tr><td class = 'mid'><input type = 'submit' value = 'Edit' name = 'btnSubmit'></td>\n";
	echo "<td class = 'mid'>";
	//Check that bookings are still available
	if ($row ['dBookAs'] == 'Player' && ALLOW_PLAYER_BOOKINGS === False)
		echo "<span class = 'sans-warn'>Player bookings are closed</a>\n";
	elseif ($row ['dBookAs'] == 'Monster' && ALLOW_MONSTER_BOOKINGS === False)
		echo "<span class = 'sans-warn'>Monster bookings are closed</a>\n";
	elseif ($row ['dBookAs'] == 'Staff' && ALLOW_STAFF_BOOKINGS === False)
		echo "<span class = 'sans-warn'>Staff bookings are closed</a>\n";
	else
		echo "<input type = 'submit' value = 'Confirm' name = 'btnSubmit'>";
	echo "</td></tr>\n";
}
?>
</form>
</table>

</form>

<?
include ('inc_foot.php');
?>
